I am a CISA now.

      No Comments on I am a CISA now.

IT Security, Compliance Auditing and Governance has been on my focal areas for many years now…but I did’nt have a chance to explore it more closely due to my hands-on technical focus on implementing security solutions. Ofcourse, you can’t practice IT security implementation and compliance auditing together as a job – that certainly defeats the fundamental principles of security.  So at the least, I wanted to know the skills of an IT auditor who evaluates the appropriateness and effectiveness of security controls — from a security practitioner’s perspective before there’s a audit violation or serious security issue that threatens required compliance. Additionally, I  wanted to have the confidence of highlighting my customers, which types of security technologies are relevant and appropriate to meet their security control objectives and IT audit criteria.  So I ended up exploring a CISA certification – to understand common body language of IT audit and governance process particularly to know the several critical areas of IT auditing which is not in the scope of IT security. I was also intrigued by the fact, many private and public organizations recognize ISACA’s CISA credential as the standard for information systems auditors.

I received my CISA exam results last week – it is great to know that I passed the exam – with an excellent score that was beyond my expectations :-).  From my experience, It was not a tough exam. I did prepare for this exam a bit seriously for atleast couple of weeks (mostly evenings).  I am not good at cramming techniques, so I ended up reading the select domains (IS Audit process and IT Governance) of CISA Review Manual 2008 where I was weaker..and glimpsed through other domains where I was very comfortable right from the beginning.  Anyway it is good to have this designation..when the state of IT industry is in a turmoil.  One note from a Deputy State Auditor still ringing in my ears – “Ramesh, with all the current audit regulations and more in the making…. IT Security industry remains stronger with growing demands and having a CISSP and CISA designations makes it easier to furthering your IT security career”.

Leave a Reply

Your email address will not be published. Required fields are marked *